<?php

	include("common.php");
	
	$result = mysql_query("SELECT * FROM `197_users` WHERE `username` = '" . $_POST['username'] . "' AND `password` = '" . md5($_POST['password']) . "'") or die(mysql_error());
	
	if(mysql_num_rows($result)){
		$row = mysql_fetch_assoc($result);
		$_SESSION['username'] = $_POST['username'];
		$_SESSION['email'] = $row['email'];
		$_SESSION['type'] = $row['type'];
		
		include("header.php");
?>
<?php if(!AJAX){ ?><h1>登入</h1><?php } ?>
<p>登入成功，請<a href="index.php">按此</a>返回首頁。</p>
<script type="text/javascript">
	setTimeout(function(){ location.reload(); }, 1000);
</script>
<?php

		include("sidebar.php");
		include("footer.php");
	
	} else {
		include("header.php");
		
?>
<?php if(!AJAX){ ?><h1>登入</h1><?php } ?>
<p>登入失敗，您的帳號不存在，或您的密碼輸入錯誤。</p>
<?php

		include("sidebar.php");
		include("footer.php");
		
	}
	
?>